<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=utf-8">
<html>
<body>
<h3>Welcome admin, here are the passwords, don't worry they are well protected!</h3>
<?
/*********************************************************************************************
 * To try this script for yourself follow these steps:
 * 1. Install MySQL.
 *
 * 2. create a database:
 *	create database mysql_encode;
 *
 * 3. create a table named users with 2 columns - user, pass:
 *	create table users(user char(32),password char(64));
 *
 * 4. update the 3 php pages with the connection string:
 *	$con = mysqli_connect('127.0.0.1',<<database-user>>,<<database-pass>>,'mysql_encode');
 *
 * 5. create a user and pasword, also create 'attacker' user from the index.php page. then run the python script to break this password
 *
 * Best regards,
 * Shmuel Amar, shmuel@cyberint.com
 * www.cyberint.com
 *
 **********************************************************************************************/
 
//connect to the database:
$con = mysqli_connect(your connection-string here) or die("cant connect to database"); 

//create the sql query
$sql = "select * from users;";

//execute query
$result = mysqli_query($con,$sql);

//print results
while($row = mysqli_fetch_assoc($result)){
    foreach($row as $cname => $cvalue){
	print "<span>".$cvalue."</span> ";
    }
    print "<br>";
}
if(mysqli_errno($con) != 0){
	echo mysqli_errno($con) . ": " . mysqli_error($con) . "\n";
}

//close DB connection
mysqli_close($con);

?>
